<?php
//Start session
session_start();
 
//Then we retrieve the posted values for user and password.
$pass = $_POST['password'];
$pass = stripslashes($pass);
$pass = SQLite3::escapeString($pass);
$hashpass = md5($pass);

//Users defined in a SQLite database
$db = new PDO('sqlite:administrator.sqlite');
$result = $db->query("SELECT COUNT(*) AS count FROM users WHERE username = 'administrator' AND password = '$hashpass'");

if ($result->fetchColumn() > 0) {
	 //If user and pass match any of the defined users
	 $_SESSION['loggedin'] = true;
	 header("Location: index.php");
}else{
    header("Location: index.html");
    exit;
};
?>